Web Application Security News
July 27, 2016
Problems with LastPass security might have been improperly disclosed, putting user passwords at higher risk, but the flaws have already been fixed, with an update rolling out now.
April 12, 2016
Customers with hosted sites will now have WordPress SSL turned on for free by default, thanks to Let's Encrypt certificates, potentially making a large number of websites more secure.
January 22, 2016
The security researcher behind the LostPass phishing attack on LastPass has criticized the company's reaction and responses to his findings.
December 11, 2015
News roundup: Cyber politics in U.S., as leaders attempt to balance access to strong encryption with terror threats. Also: Microsoft's German data centers, SHA-1 deprecation schedule, and more.
Web Application Security Get Started
Bring yourself up to speed with our introductory content
As SSL technology evolves and changes, new vulnerabilities begin to cause problems. Expert Rob Shapland explains how security professionals can overcome these SSL security issues. Continue Reading
Opportunistic encryption offers encryption for servers that don't support HTTPS. Expert Michael Cobb explains how it works and how it can help Web security. Continue Reading
Expert Ed Tittel explores the purpose of Web fraud detection systems and services, which are designed to reduce the risks inherent in electronic payments and e-commerce. Continue Reading
Evaluate Web Application Security Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The top companies and application security products that organizations consider when they seek to reduce their application vulnerabilities. Continue Reading
The updated Chrome extension policy allows users and developers to only install extensions from the Chrome Web Store. Learn how this affects security and enterprise apps. Continue Reading
Expert Ed Tittel explores the features of the top Web fraud detection systems and compares critical purchasing criteria. Continue Reading
Manage Web Application Security
Learn to apply best practices and optimize your operations.
SSL attacks such as Heartbleed, POODLE and Shellshock have placed countless enterprises at risk. Learn how these different attacks work, and how they can be prevented or mitigated. Continue Reading
Enterprises can't avoid dealing with cloud-based application security any longer. Expert Dejan Lukan discusses the challenges and why they're not as bad as they seem. Continue Reading
SSL subscription services are emerging to help enterprises handle the daunting task of SSL certificate management. Expert Michael Cobb discusses the benefits of such a service. Continue Reading
Problem Solve Web Application Security Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Web application security vulnerabilities exist from browser to SSL/TLS. Expert Brad Causey explains how application security testing and Web application firewalls can address this. Continue Reading
Address bar spoofing attacks can be detrimental to an organization. Expert Michael Cobb details several vulnerabilities and explains how to defend against the threat. Continue Reading
Expert Michael Cobb explains the difference between cross-site scripting and cross-site scripting inclusion (XSSI) flaws. Continue Reading